F-Secure Safe
<blockquote data-quote="MacDefender" data-source="post: 892360" data-attributes="member: 83059"><p>Interesting test... Just some observations:</p><p></p>
<ul>
<li data-xf-list-type="ul">Web protection seemed to miss 2 phishing pages. Perhaps the weakness here is specific to phishing?</li>
<li data-xf-list-type="ul">Seems like one of the malicious links downloads a VBS and that is then caught by DeepGuard, of all things!</li>
<li data-xf-list-type="ul">F-Secure static scanning, unsurprisingly, seems to have let some samples escape but caught them dynamically when they were run (not even by DeepGuard for a few of them). This seems to match our observations that F-Secure isn't the best at static scanning even though its overall protection is quite good. If you rely on static scanning as a primary means, it's better to choose something else.</li>
<li data-xf-list-type="ul">I was surprised that running all 23 missed samples resulted in no infections. In terms of testing methodology, not sure I would have run all the malware simultaneously -- depending on how these samples attempt to infect, running them all concurrently could've affected their ability to infect the system.</li>
<li data-xf-list-type="ul">Zemana seems to have identified 7-zip.dll as malicious. Seems like a false alarm to me.</li>
</ul>
<p></p><p>Though there were no misses here, as far as F-Secure is concerned, it's worth mentioning that their BB, DeepGuard, is allegedly sensitive to how the files are introduced onto the system. In this case, the sample pack was extracted with F-Secure turned off completely. It's usually recommended to introduce the files via removable drive or network download, both of which cause DeepGuard to err on the side of suspicion. However, it seems like in the past 1-2 years, DeepGuard cares less about this (perhaps because this behavior made testing F-Secure difficult).</p></blockquote><p></p>